A computer network includes servers that provide service to connected computing devices. One of the main concerns in such a network is secure communications. Secure communication is an integral part of securing distributed applications to protect sensitive data, including credentials, passed to and from an application, and between application tiers. Storing database connection strings securely is particularly significant. Connection strings may include clear text user names and passwords. Data access may be performed by using the process identity of the calling process, one or more service identities, or the original caller's identity (with impersonation/delegation). The choice may be determined by the data access model, trusted subsystem or impersonation/delegation. Securing data that flows across the network is another important aspect of secure communication.
The key gatekeepers for a secure data exchange system are: data store used to maintain the database connection string, server login (as determined by the server name specified in the connection string), database login (as determined by the database name specified in the connection string), and permissions attached to individual database objects.
Hard-coding the sensitive information such as storing it at the database, in registry files, and the like, causes the use and change of such information to be difficult and time-consuming.